jiouniversities.com Open in urlscan Pro
199.188.206.8 Public Scan

URL:
http://jiouniversities.com/
Submission: On June 07 via manual (June 7th 2021, 8:41:46 am UTC) from IN

Summary HTTP 132 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 132 HTTP transactions. The main IP is 199.188.206.8, located in United States and belongs to NAMECHEAP-NET, US. The main domain is jiouniversities.com.

This is the only time jiouniversities.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	199.188.206.8 199.188.206.8	22612 (NAMECHEAP...) (NAMECHEAP-NET)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
56	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
4 6	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
132	14

26 199.188.206.8 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium81-1.web-hosting.com

jiouniversities.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	744 KB
26	jiouniversities.com jiouniversities.com	1 MB
19	doubleclick.net googleads.g.doubleclick.net	148 KB
8	google.com 4 redirects adservice.google.com www.google.com	1 KB
5	googletagservices.com www.googletagservices.com	176 KB
2	google.de adservice.google.de	921 B
2	google-analytics.com www.google-analytics.com	19 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	googleapis.com fonts.googleapis.com	642 B
1	2mdn.net s0.2mdn.net	23 KB
1	googleadservices.com partner.googleadservices.com	648 B
1	googletagmanager.com www.googletagmanager.com	35 KB
132	12

	Domain	Requested by
56	tpc.googlesyndication.com	jiouniversities.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
26	jiouniversities.com	jiouniversities.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com jiouniversities.com googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	jiouniversities.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	tpc.googlesyndication.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	jiouniversities.com
132	14

This site contains links to these domains. Also see Links.

Domain
wordpress.org
themezee.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh

This page contains 22 frames:

Primary Page: http://jiouniversities.com/
Frame ID: ABD624787DBB7A44D58F73AE6BD48A4A
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/zrt_lookup.html
Frame ID: C8CFE486DCCB12196BAC29E56CCF6BEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&adk=1812271804&adf=3025194257&lmt=1623055287&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fjiouniversities.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1623055287168&bpp=8&bdt=1352&idt=107&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=627560498568&frm=20&pv=2&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=129
Frame ID: F533ABFDD64BDC9196EE255A1D0EF85B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=600&adk=1895110894&adf=1563746040&pi=t.aa~a.1318218710~rp.4&w=281&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=281x600&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623055287447&bpp=3&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0&nras=2&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=1550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XxMy0aEF2R&p=http%3A//jiouniversities.com&dtd=13
Frame ID: F995E0754809B194670754580FBE2FC4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=280&adk=1386250298&adf=2835540081&pi=t.aa~a.3149779395~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x280&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600&nras=3&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=1706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qQ2mMYeZDY&p=http%3A//jiouniversities.com&dtd=20
Frame ID: 3033A2D842B4B24ECD7B3783B7429183
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=280&adk=1386250298&adf=2707833621&pi=t.aa~a.3149782394~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x280&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=2&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280&nras=4&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=2299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=7iNzywtVt0&p=http%3A//jiouniversities.com&dtd=24
Frame ID: 0A157B6742C8857A684351DAC127C51E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=2700280583&pi=t.aa~a.3149689873~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280&nras=5&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=4bPiFflYKR&p=http%3A//jiouniversities.com&dtd=27
Frame ID: 16F3D02AF032EAEFF07B26866390139C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=1035925911&pi=t.aa~a.3149687811~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280%2C794x90&nras=6&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=GqW16ngk9U&p=http%3A//jiouniversities.com&dtd=31
Frame ID: C43ABBF03DF53247E6A9937C21847485
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html
Frame ID: 7FB8BFF05090F6764AD3DA19FB4916D1
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C3XNut9u9YPe3HsXFtweMiLOAC5j6mrlN8am3grMImPD658UiEAEg4uXYJ2CVAqAB7c39mQPIAQmpAqWM0SGoabQ-qAMByANIqgS-AU_Qm0pvT9A0BIbPsjyqyJKWqq_YVOL14_2V_27SOwqltTyGCwmoUC8SHCnSQXWo7rzftF9ubDxs4L1sO3lXO__t2Zn_itOxC3H05aHn-9L4HWcxvAxLgCfBsE19FGwg5PQVsNKMrVT6edlxYmWHl2VW3sZwM2cpw1x6u1_Bmd4No-93UshAzqhvJdS1KUN9Tu9l8ARZvKuk4RgPK105c3OvxyZB5v35WZ3lH0DiRqAy4ZABFpn290AhBIvq-EPABOGSm5yTAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAftr4JmqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEN7uC9IICQiA4YAQEAEYH4AKAcgLAdgTAtAVAYAXAbIXGgoYCAASFHB1Yi01NTQ1NDExMTY3MTAzMjI4&sigh=ypJBMdpnFi4&template_id=419
Frame ID: E912A85B70F2FA642094C71119587D37
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html
Frame ID: 8FDC2A35D38B420781B03751272748E1
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js
Frame ID: D24240A3FDE0FD069FFB238909A028B9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D1DDE934753FEBEC9E3BE5C9DA10A489
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1491EF5C245536015616E0C34677F15B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html
Frame ID: 3B5E4E716108AE3AEA55239B49982CEF
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C2eQFt9u9YOudHtGOtwfesrvACpj6mrlNyam3grMImPD658UiEAEg4uXYJ2CVAqAB7c39mQPIAQmpAqWM0SGoabQ-qAMByANIqgS5AU_QFb55pMJSZCcOjXvzb0NezD1Z87-Xtoo8_iaq1OjadGSmnKaOIGKMGotp1Vv09WbIvEK1zR4JuNGqMVFl9ci7YrBwuGMpFize6JNFv9oXpPOWmApwtYLqhLFaQq-hLM_w9YdDILLNonYzN5eVcxrVMsNFHvO873i3LXNrfqt1PWcaFFbRi_VoTrqzhp45y8PTPULtaNfWL_Ha7oyTK794uLn92jGD3Igywz1H4PMzuL9E4YP6CLiRwAThkpuckwGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH7a-CZqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCN_AfSCAkIgOGAEBABGB-ACgHICwHYEwLQFQGAFwGyFxoKGAgAEhRwdWItNTU0NTQxMTE2NzEwMzIyOA&sigh=xSWpbq-bqqs&template_id=419
Frame ID: FBA9EF9B7D6E350D5B76B4DE8FAFF734
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/index.html
Frame ID: D15B0AB46C6BF25A9AFAFB696C624117
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CLAkRt9u9YOnaHpTvtwf1npLIBsnZkPRhtIGNl7UN8Ob4kYsjEAEg4uXYJ2CVAqABhMG6jwPIAQmpAqWM0SGoabQ-qAMByANIqgS1AU_Qx0UAmc4SyB4DmEfHgoUXwPhgzytKq6A9CMp2xo2Zn8VRPICU002uzlwP3B8o1rEu0_p23OOLF64m4paTfnGW9VOv0bNE_K-bSEHqqtz9dV-GD8w_Q-vBgpZKXGZ2yhHLYNdWVQYpRHpE--rn9MhMbeqYVpbWIYeCo14zkfowzZaLK1BWMWHrl87ldu9pnPEcd8rU8YHkn2zaheIDMKQYznQeYZg9eDIvlZI8lkeKapnTaQbABLG1oKG7A5IFBAgEGAGSBQQIBRgEoAYugAfkvsVwqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEO2AEdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi01NTQ1NDExMTY3MTAzMjI4&sigh=c5gz4QTiRtM&template_id=419
Frame ID: 7BA2BC72413F2F933AA15250D078EBCC
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CC4732AFB8DE6A43BCD1D6251A866B3C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B8116D1C643019A670D777B989C3D56C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: AF21BC946A1577711A4E2A8EAF7260A8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 084789F96D5548CBE26C59FACC4F8D86
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

132
Requests

80 %
HTTPS

85 %
IPv6

12
Domains

14
Subdomains

14
IPs

2
Countries

2414 kB
Transfer

4222 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://themezee.com/themes/wellington/
Title: Wellington

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 125

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 126

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

132 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
jiouniversities.com/ 39 KB
9 KB 616ms
569ms Document
text/html 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed / PHP/7.4.16
Resource Hash: 34a5f436d9e51eb9a5e55c65f833d4abac3379c411e1a6acce8406a144f46cc3

Request headers

Host: jiouniversities.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by: PHP/7.4.16
content-type: text/html; charset=UTF-8
link: <http://jiouniversities.com/wp-json/>; rel="https://api.w.org/"
etag: "446322-1622879767;gz"
x-litespeed-cache: hit
content-encoding: gzip
vary: Accept-Encoding
content-length: 9181
date: Mon, 07 Jun 2021 08:41:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK custom-fonts.css
jiouniversities.com/wp-content/themes/wellington/assets/css/ 2 KB
841 B 529ms
528ms Stylesheet
text/css 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/wp-content/themes/wellington/assets/css/custom-fonts.css?ver=20180413
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 368c561c855a936f62076f0c9ce7ee545e74fd42b5a4752247fd88cc6a518cc5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:26 GMT
content-encoding: gzip
last-modified: Sun, 06 Oct 2019 00:26:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 496
expires: Mon, 14 Jun 2021 08:41:26 GMT

GET
H/1.1 200
OK style.min.css
jiouniversities.com/wp-includes/css/dist/block-library/ 53 KB
10 KB 605ms
598ms Stylesheet
text/css 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.5
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:26 GMT
content-encoding: gzip
last-modified: Sun, 01 Nov 2020 07:04:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 9627
expires: Mon, 14 Jun 2021 08:41:26 GMT

GET
H/1.1 200
OK style.min.css
jiouniversities.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/ 369 B
527 B 599ms
593ms Stylesheet
text/css 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=1.7
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: bd2317f75582f7f94823a6289701498ee4c75d51ce502c09fd4663de07f3dda4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:26 GMT
content-encoding: gzip
last-modified: Sun, 06 Oct 2019 00:26:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 182
expires: Mon, 14 Jun 2021 08:41:26 GMT

GET
H/1.1 200
OK screen.min.css
jiouniversities.com/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
2 KB 598ms
592ms Stylesheet
text/css 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=1.7
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: d35c809bcd9170b889f996ca93908d12502201718a5c13cf63eecdc5232f1e2d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:26 GMT
content-encoding: gzip
last-modified: Sun, 06 Oct 2019 00:26:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1654
expires: Mon, 14 Jun 2021 08:41:26 GMT

GET
H/1.1 200
OK style.css
jiouniversities.com/wp-content/themes/wellington/ 51 KB
12 KB 603ms
596ms Stylesheet
text/css 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/wp-content/themes/wellington/style.css?ver=1.4.1
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 519d9025f3921b7b340cd63adf861797fd5155f5115c5a812f343a8c8f6e4edf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:26 GMT
content-encoding: gzip
last-modified: Sun, 06 Oct 2019 00:26:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11726
expires: Mon, 14 Jun 2021 08:41:26 GMT

GET
H/1.1 200
OK genericons.css
jiouniversities.com/wp-content/themes/wellington/assets/genericons/ 28 KB
16 KB 603ms
597ms Stylesheet
text/css 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/wp-content/themes/wellington/assets/genericons/genericons.css?ver=3.4.1
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 3c4c97817d4302d8e95fb2a3614ecf9fcd386df66d75ec1f04b7ed1fa7164d22

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:26 GMT
content-encoding: gzip
last-modified: Sun, 06 Oct 2019 00:26:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 16439
expires: Mon, 14 Jun 2021 08:41:26 GMT

GET
H/1.1 200
OK jquery.js Show response
jiouniversities.com/wp-includes/js/jquery/ 95 KB
38 KB 905ms
313ms Script
application/javascript 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:26 GMT
content-encoding: gzip
last-modified: Sun, 01 Nov 2020 07:04:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 38045
expires: Mon, 14 Jun 2021 08:41:26 GMT

GET
H/1.1 200
OK navigation.js Show response
jiouniversities.com/wp-content/themes/wellington/assets/js/ 5 KB
2 KB 893ms
300ms Script
application/javascript 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/wp-content/themes/wellington/assets/js/navigation.js?ver=20160719
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: f80bb012b20788fc0502ddf8e610b2cb86f9f0d6aa57311114ff098881d5cbfd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:26 GMT
content-encoding: gzip
last-modified: Sun, 06 Oct 2019 00:26:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1760
expires: Mon, 14 Jun 2021 08:41:26 GMT

GET
H/1.1 200
OK counter.css
jiouniversities.com/wp-content/plugins/count-per-day/ 12 KB
3 KB 699ms
175ms Stylesheet
text/css 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/wp-content/plugins/count-per-day/counter.css
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 128ead405d194dd8c22eea05fa0457a690c40e33ef4b30191b56a000f4e3532a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:26 GMT
content-encoding: gzip
last-modified: Sat, 19 Oct 2019 08:56:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3031
expires: Mon, 14 Jun 2021 08:41:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 47ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: jiouniversities.com
URL: http://jiouniversities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bca58cb91d0442fbc4394a6675603165ecaa067a92f4f6e115e34dfa2833a37a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48419
x-xss-protection: 0
server: cafe
etag: 13744972075384101287
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Jun 2021 08:41:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175901463-1

Requested by

Host: jiouniversities.com
URL: http://jiouniversities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7ed7183bdb885657910d79795821a5026e26d6acb82f69e5004445902029983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35964
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Jun 2021 08:41:26 GMT

GET
H/1.1 200
OK cropped-jio-educational-news.png
jiouniversities.com/wp-content/uploads/2019/02/ 19 KB
19 KB 199ms
199ms Image
image/png 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jiouniversities.com/wp-content/uploads/2019/02/cropped-jio-educational-news.png
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2d1d5dae3f158cfc4b799414b170189e823fd3e49046eee1d3d7fcdc3485105f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
last-modified: Sun, 06 Oct 2019 00:26:34 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 19642
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
jiouniversities.com/wp-includes/js/ 1 KB
1 KB 173ms
172ms Script
application/javascript 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/wp-includes/js/wp-embed.min.js?ver=5.5.5
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:26 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 00:58:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 778
expires: Mon, 14 Jun 2021 08:41:26 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
jiouniversities.com/wp-includes/js/ 14 KB
5 KB 172ms
172ms Script
application/javascript 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.5
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 00:58:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 5213
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
H/1.1 200
OK gudea-v5-latin-ext_latin-regular.woff2
jiouniversities.com/wp-content/themes/wellington/assets/fonts/ 8 KB
8 KB 172ms
172ms Font
font/woff2 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/wp-content/themes/wellington/assets/fonts/gudea-v5-latin-ext_latin-regular.woff2
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/wp-content/themes/wellington/assets/css/custom-fonts.css?ver=20180413
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 66946e3c3ccf3e4609c7da3449aeb3fe9694c330678d98e1d8ea6651dd10dcb9

Request headers

Pragma: no-cache
Origin: http://jiouniversities.com
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://jiouniversities.com/wp-content/themes/wellington/assets/css/custom-fonts.css?ver=20180413
Connection: keep-alive
Cache-Control: no-cache
Origin: http://jiouniversities.com
Referer: http://jiouniversities.com/wp-content/themes/wellington/assets/css/custom-fonts.css?ver=20180413
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
last-modified: Sun, 06 Oct 2019 00:26:24 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 8392
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
H/1.1 200
OK magra-v5-latin-ext_latin-700.woff2
jiouniversities.com/wp-content/themes/wellington/assets/fonts/ 14 KB
15 KB 169ms
169ms Font
font/woff2 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/wp-content/themes/wellington/assets/fonts/magra-v5-latin-ext_latin-700.woff2
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/wp-content/themes/wellington/assets/css/custom-fonts.css?ver=20180413
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 68ad76102e5c0aab5e12aca2651f9cf4d7a5ca4869de88810245b1e7f4ae24b6

Request headers

Pragma: no-cache
Origin: http://jiouniversities.com
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://jiouniversities.com/wp-content/themes/wellington/assets/css/custom-fonts.css?ver=20180413
Connection: keep-alive
Cache-Control: no-cache
Origin: http://jiouniversities.com
Referer: http://jiouniversities.com/wp-content/themes/wellington/assets/css/custom-fonts.css?ver=20180413
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
last-modified: Sun, 06 Oct 2019 00:26:24 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 14696
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
H/1.1 200
OK gudea-v5-latin-ext_latin-700.woff2
jiouniversities.com/wp-content/themes/wellington/assets/fonts/ 8 KB
9 KB 166ms
165ms Font
font/woff2 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://jiouniversities.com/wp-content/themes/wellington/assets/fonts/gudea-v5-latin-ext_latin-700.woff2
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/wp-content/themes/wellington/assets/css/custom-fonts.css?ver=20180413
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7b106f2c26ae05f297d2f827ded52f95464b450c3389d68cc38a534ab39d9190

Request headers

Pragma: no-cache
Origin: http://jiouniversities.com
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://jiouniversities.com/wp-content/themes/wellington/assets/css/custom-fonts.css?ver=20180413
Connection: keep-alive
Cache-Control: no-cache
Origin: http://jiouniversities.com
Referer: http://jiouniversities.com/wp-content/themes/wellington/assets/css/custom-fonts.css?ver=20180413
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
last-modified: Sun, 06 Oct 2019 00:26:24 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 8504
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Origin: http://jiouniversities.com
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 200
OK WGU-Student-Portal-Login.png
jiouniversities.com/wp-content/uploads/2018/09/ 43 KB
43 KB 168ms
167ms Image
image/png 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jiouniversities.com/wp-content/uploads/2018/09/WGU-Student-Portal-Login.png
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0c0131864b6bd44838080829f6ff10603a50186025be77a3de0232fc5e6c58e7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
last-modified: Sun, 06 Oct 2019 00:26:30 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 44223
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
H/1.1 200
OK Join-in-BET-Internship-Program.png
jiouniversities.com/wp-content/uploads/2019/01/ 5 KB
5 KB 178ms
163ms Image
image/png 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jiouniversities.com/wp-content/uploads/2019/01/Join-in-BET-Internship-Program.png
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 63575c6a5eabb505cb7b1a20316049c6c02733dff339820476366be7380de3a0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
last-modified: Sun, 06 Oct 2019 00:26:32 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 5202
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
H/1.1 200
OK Top-Ten-Highest-Paying-Jobs-of-the-Future-1-880x512.png
jiouniversities.com/wp-content/uploads/2020/07/ 382 KB
382 KB 205ms
175ms Image
image/png 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jiouniversities.com/wp-content/uploads/2020/07/Top-Ten-Highest-Paying-Jobs-of-the-Future-1-880x512.png
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: cd28633fdb2cc9dde877ea054ac78b7663db3df17752eea49b8dffbfd72551e3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
last-modified: Thu, 30 Jul 2020 12:11:19 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 391206
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
H/1.1 200
OK How-to-View-the-SAT-Scores-on-the-College-Board.png
jiouniversities.com/wp-content/uploads/2020/07/ 341 KB
341 KB 175ms
175ms Image
image/png 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jiouniversities.com/wp-content/uploads/2020/07/How-to-View-the-SAT-Scores-on-the-College-Board.png
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7ef28258152c9b2b7516e39198481bb5d098d274c91a2987600e3ed220f20b7c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jiouniversities.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
last-modified: Tue, 14 Jul 2020 08:40:49 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 349104
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
H/1.1 200
OK Make-Career-as-Radio-Jockey.jpg
jiouniversities.com/wp-content/uploads/2019/10/ 24 KB
24 KB 166ms
165ms Image
image/jpeg 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jiouniversities.com/wp-content/uploads/2019/10/Make-Career-as-Radio-Jockey.jpg
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: f6f598b37c9efb9b0c52d70e0579b2f66938464e0cfe42fa77cc879420796467

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jiouniversities.com/
Cookie: _ga=GA1.2.165849996.1623055287; _gid=GA1.2.2146745117.1623055287; _gat_gtag_UA_175901463_1=1; __gads=ID=18f568739a2b3cfb-226eedffc2c80077:T=1623055287:RT=1623055287:S=ALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
last-modified: Sat, 19 Oct 2019 09:41:54 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 24449
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
H/1.1 200
OK Benefits-and-Risks-of-Private-Student-Loan-1.png
jiouniversities.com/wp-content/uploads/2019/09/ 165 KB
165 KB 171ms
171ms Image
image/png 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jiouniversities.com/wp-content/uploads/2019/09/Benefits-and-Risks-of-Private-Student-Loan-1.png
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 53f24292a3fd54889277e9517a5cfd275fc1f2c288fd0adfdfbe63d4131570d5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jiouniversities.com/
Cookie: _ga=GA1.2.165849996.1623055287; _gid=GA1.2.2146745117.1623055287; _gat_gtag_UA_175901463_1=1; __gads=ID=18f568739a2b3cfb-226eedffc2c80077:T=1623055287:RT=1623055287:S=ALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
last-modified: Tue, 14 Jul 2020 08:19:09 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 168624
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
H/1.1 200
OK What-after-Diploma-in-Pharmacy.jpg
jiouniversities.com/wp-content/uploads/2019/08/ 29 KB
29 KB 167ms
167ms Image
image/jpeg 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jiouniversities.com/wp-content/uploads/2019/08/What-after-Diploma-in-Pharmacy.jpg
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 17e290f351cb47897e866fad434a109402fa8de75b3dc50bfc46edd0368f6974

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jiouniversities.com/
Cookie: _ga=GA1.2.165849996.1623055287; _gid=GA1.2.2146745117.1623055287; _gat_gtag_UA_175901463_1=1; __gads=ID=18f568739a2b3cfb-226eedffc2c80077:T=1623055287:RT=1623055287:S=ALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
last-modified: Sun, 06 Oct 2019 00:26:34 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 29899
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
H/1.1 200
OK Excellent-Student-financing-at-www-wellsfargo-com-student.jpg
jiouniversities.com/wp-content/uploads/2019/07/ 25 KB
25 KB 161ms
161ms Image
image/jpeg 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jiouniversities.com/wp-content/uploads/2019/07/Excellent-Student-financing-at-www-wellsfargo-com-student.jpg
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 763186aaf7c3ba15f0e9187ef50379c4a6260973f93f29cfced357e3730e8c01

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jiouniversities.com/
Cookie: _ga=GA1.2.165849996.1623055287; _gid=GA1.2.2146745117.1623055287; _gat_gtag_UA_175901463_1=1; __gads=ID=18f568739a2b3cfb-226eedffc2c80077:T=1623055287:RT=1623055287:S=ALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
last-modified: Sun, 06 Oct 2019 00:26:34 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 25438
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
H/1.1 200
OK Diploma-in-Civil-Engineering.jpg
jiouniversities.com/wp-content/uploads/2019/07/ 50 KB
51 KB 170ms
169ms Image
image/jpeg 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jiouniversities.com/wp-content/uploads/2019/07/Diploma-in-Civil-Engineering.jpg
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 223f3f6dbcb6129bb4e3c692f19c556bb45137f605303ce00cb52760491e346c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jiouniversities.com/
Cookie: _ga=GA1.2.165849996.1623055287; _gid=GA1.2.2146745117.1623055287; _gat_gtag_UA_175901463_1=1; __gads=ID=18f568739a2b3cfb-226eedffc2c80077:T=1623055287:RT=1623055287:S=ALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
last-modified: Sun, 06 Oct 2019 00:26:34 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 51487
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
H/1.1 200
OK Supply-Chain-Management.jpg
jiouniversities.com/wp-content/uploads/2019/05/ 18 KB
19 KB 209ms
208ms Image
image/jpeg 199.188.206.8
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jiouniversities.com/wp-content/uploads/2019/05/Supply-Chain-Management.jpg
Requested by: Host: jiouniversities.com
URL: http://jiouniversities.com/
Protocol: HTTP/1.1
Server: 199.188.206.8 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium81-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 841466a65bbf79de1ef65cf9b8039a06047d83a54ea7d88a8d9557e372f9fba2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: jiouniversities.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://jiouniversities.com/
Cookie: _ga=GA1.2.165849996.1623055287; _gid=GA1.2.2146745117.1623055287; _gat_gtag_UA_175901463_1=1; __gads=ID=18f568739a2b3cfb-226eedffc2c80077:T=1623055287:RT=1623055287:S=ALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
last-modified: Sun, 06 Oct 2019 00:26:34 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 18712
expires: Mon, 14 Jun 2021 08:41:27 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/ 232 KB
86 KB 47ms
33ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5545411167103228&plah=jiouniversities.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d5f76008f1784b20b99d51741b2f8b8bbee28d5f2950ca2cf4226b6d61b1344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87637
x-xss-protection: 0
server: cafe
etag: 15632250250964762239
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 07 Jun 2021 08:41:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/ Frame C8CF 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210601/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jiouniversities.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jiouniversities.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 06 Jun 2021 23:11:58 GMT
expires: Sun, 20 Jun 2021 23:11:58 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 34169
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175901463-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5404
date: Mon, 07 Jun 2021 07:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 07 Jun 2021 09:11:23 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
648 B 37ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=jiouniversities.com&callback=_gfp_s_&client=ca-pub-5545411167103228

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5545411167103228&plah=jiouniversities.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

32b5465fe9062f0030bfa921880796c97068beea1d80d87c274af041a6297255

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=jiouniversities.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 08:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jiouniversities.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 08:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F533 12 KB
1 KB 103ms
89ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&adk=1812271804&adf=3025194257&lmt=1623055287&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fjiouniversities.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1623055287168&bpp=8&bdt=1352&idt=107&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=627560498568&frm=20&pv=2&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=129

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72a1c3d3f413cec7de06d02f29045f39459fbd29555bc674e53917c8576f491c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5545411167103228&output=html&adk=1812271804&adf=3025194257&lmt=1623055287&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fjiouniversities.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1623055287168&bpp=8&bdt=1352&idt=107&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=627560498568&frm=20&pv=2&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=129
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jiouniversities.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jiouniversities.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 07 Jun 2021 08:41:27 GMT
server: cafe
content-length: 1218
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 07-Jun-2021 08:56:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Jun 2021 08:41:27 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:27 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622805992319560"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28149
x-xss-protection: 0
expires: Mon, 07 Jun 2021 08:41:27 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1796849881&t=pageview&_s=1&dl=http%3A%2F%2Fjiouniversities.com%2F&ul=en-us&de=UTF-8&dt=Jio%20University%20%7C%20Find%20best%20course%20or%20study%20destination&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=817294253&gjid=476436414&cid=165849996.1623055287&tid=UA-175901463-1&_gid=2146745117.1623055287&_r=1&gtm=2ou621&z=1203703882

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 08:41:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://jiouniversities.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 33ms
19ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=jiouniversities.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 08:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jiouniversities.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 08:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F995 118 KB
37 KB 605ms
605ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=600&adk=1895110894&adf=1563746040&pi=t.aa~a.1318218710~rp.4&w=281&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=281x600&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623055287447&bpp=3&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0&nras=2&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=1550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XxMy0aEF2R&p=http%3A//jiouniversities.com&dtd=13

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebbeed59eb5779b87b237c475f6b4edd7fbb10e0778f7778fe1f9444dac648fa

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO-C8o6QhfECFQLH7QodrvkM5Q&gqi=t9u9YOCQHZOPtwf1mIKQDA&layout=/sadbundle/%24csp%253Der3%24/16986808040249150219/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5545411167103228&output=html&h=600&adk=1895110894&adf=1563746040&pi=t.aa~a.1318218710~rp.4&w=281&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=281x600&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623055287447&bpp=3&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0&nras=2&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=1550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XxMy0aEF2R&p=http%3A//jiouniversities.com&dtd=13
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jiouniversities.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jiouniversities.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO-C8o6QhfECFQLH7QodrvkM5Q&gqi=t9u9YOCQHZOPtwf1mIKQDA&layout=/sadbundle/%24csp%253Der3%24/16986808040249150219/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 07 Jun 2021 08:41:28 GMT
server: cafe
content-length: 38257
x-xss-protection: 0
set-cookie: IDE=AHWqTUlcAbyTSXeFcR90RRGNFlBlc7RHoPcM1bZgXcHBKKpQL8G7adyHXQwLUojClao; expires=Sat, 02-Jul-2022 08:41:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Jun 2021 08:41:28 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3033 399 B
224 B 367ms
367ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=280&adk=1386250298&adf=2835540081&pi=t.aa~a.3149779395~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x280&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600&nras=3&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=1706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qQ2mMYeZDY&p=http%3A//jiouniversities.com&dtd=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a4337abd0117172da8d9b293f6ae9a1e6f4b0d8a67d7a1c59fcab1dba88dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5545411167103228&output=html&h=280&adk=1386250298&adf=2835540081&pi=t.aa~a.3149779395~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x280&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600&nras=3&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=1706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=qQ2mMYeZDY&p=http%3A//jiouniversities.com&dtd=20
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jiouniversities.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jiouniversities.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 07 Jun 2021 08:41:27 GMT
server: cafe
content-length: 200
x-xss-protection: 0
set-cookie: IDE=AHWqTUmZoHRtyVArtlj9HuN5bP70Lo6o96OxepJq4JUsMNkefIkc4hOJeAf6HdkYcSY; expires=Sat, 02-Jul-2022 08:41:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Jun 2021 08:41:27 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A15 107 KB
34 KB 618ms
617ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=280&adk=1386250298&adf=2707833621&pi=t.aa~a.3149782394~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x280&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=2&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280&nras=4&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=2299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=7iNzywtVt0&p=http%3A//jiouniversities.com&dtd=24

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b0f6c059cb2f4a52a73c333bc86f5996c9f9e5eea0d07f5f96f2901e7846658

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKvV8o6QhfECFVHH7QodXtkOqA&gqi=t9u9YKvjHYH7tgff1YKoCQ&layout=/sadbundle/%24csp%253Der3%24/11307366548342674156/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5545411167103228&output=html&h=280&adk=1386250298&adf=2707833621&pi=t.aa~a.3149782394~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x280&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=2&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280&nras=4&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=2299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=7iNzywtVt0&p=http%3A//jiouniversities.com&dtd=24
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jiouniversities.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jiouniversities.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKvV8o6QhfECFVHH7QodXtkOqA&gqi=t9u9YKvjHYH7tgff1YKoCQ&layout=/sadbundle/%24csp%253Der3%24/11307366548342674156/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 07 Jun 2021 08:41:28 GMT
server: cafe
content-length: 35187
x-xss-protection: 0
set-cookie: IDE=AHWqTUnQ7HUtyZhYRZ_Z_oSXDwdCY4D_hvoLpFW_b1-x5G4jeOZuYlQLY82tcQbTiFU; expires=Sat, 02-Jul-2022 08:41:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Jun 2021 08:41:28 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 16F3 108 KB
35 KB 560ms
560ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=2700280583&pi=t.aa~a.3149689873~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280&nras=5&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=4bPiFflYKR&p=http%3A//jiouniversities.com&dtd=27

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdfefc4b466698197ea2a8ad22b9708c6b1acdeb37a68a673e272b278b92f56c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLfv8o6QhfECFcXi7QodDMQMsA&gqi=t9u9YKr9Hcfxtweou4qIAw&layout=/sadbundle/%24csp%253Der3%24/8678984314660977005/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=2700280583&pi=t.aa~a.3149689873~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280&nras=5&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=4bPiFflYKR&p=http%3A//jiouniversities.com&dtd=27
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jiouniversities.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jiouniversities.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLfv8o6QhfECFcXi7QodDMQMsA&gqi=t9u9YKr9Hcfxtweou4qIAw&layout=/sadbundle/%24csp%253Der3%24/8678984314660977005/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 07 Jun 2021 08:41:28 GMT
server: cafe
content-length: 35324
x-xss-protection: 0
set-cookie: IDE=AHWqTUkb6OA9x_EKoarGnfsZ6D-kvPQuxqQQHbDRnoqBGRPqcG1GfApO9_J3cviPkZY; expires=Sat, 02-Jul-2022 08:41:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Jun 2021 08:41:28 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C43A 106 KB
34 KB 653ms
653ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=1035925911&pi=t.aa~a.3149687811~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280%2C794x90&nras=6&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=GqW16ngk9U&p=http%3A//jiouniversities.com&dtd=31

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c72d718cb6beac8f86b383f5f51eff73afb4c625cb4dfb14d1ca229ac57a2275

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKmS846QhfECFZT37QoddY8EaQ&gqi=t9u9YIOdHpeXtwenyJPoAQ&layout=/sadbundle/%24csp%253Der3%24/4737822708935884168/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=1035925911&pi=t.aa~a.3149687811~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280%2C794x90&nras=6&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=GqW16ngk9U&p=http%3A//jiouniversities.com&dtd=31
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jiouniversities.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jiouniversities.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKmS846QhfECFZT37QoddY8EaQ&gqi=t9u9YIOdHpeXtwenyJPoAQ&layout=/sadbundle/%24csp%253Der3%24/4737822708935884168/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 07 Jun 2021 08:41:28 GMT
server: cafe
content-length: 35119
x-xss-protection: 0
set-cookie: IDE=AHWqTUkXO5I73eNm6rh9H_9JJ9pq_mMoXKRwJvyBFm_6v1NIVwwHXIvicE598eb0RXQ; expires=Sat, 02-Jul-2022 08:41:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Jun 2021 08:41:28 GMT
cache-control: private

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/ Frame 7FB8 160 KB
25 KB 34ms
11ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Requested by

Host: jiouniversities.com
URL: http://jiouniversities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0a96d430a906fc76a10e24e105f89b22cf047e1deebcfad3b46bf00c454e43b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/8678984314660977005/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 02 Jun 2021 21:33:52 GMT
expires: Thu, 02 Jun 2022 21:33:52 GMT
last-modified: Sat, 17 Apr 2021 06:07:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 24621
age: 385656
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E912 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3XNut9u9YPe3HsXFtweMiLOAC5j6mrlN8am3grMImPD658UiEAEg4uXYJ2CVAqAB7c39mQPIAQmpAqWM0SGoabQ-qAMByANIqgS-AU_Qm0pvT9A0BIbPsjyqyJKWqq_YVOL14_2V_27SOwqltTyGCwmoUC8SHCnSQXWo7rzftF9ubDxs4L1sO3lXO__t2Zn_itOxC3H05aHn-9L4HWcxvAxLgCfBsE19FGwg5PQVsNKMrVT6edlxYmWHl2VW3sZwM2cpw1x6u1_Bmd4No-93UshAzqhvJdS1KUN9Tu9l8ARZvKuk4RgPK105c3OvxyZB5v35WZ3lH0DiRqAy4ZABFpn290AhBIvq-EPABOGSm5yTAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAftr4JmqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEN7uC9IICQiA4YAQEAEYH4AKAcgLAdgTAtAVAYAXAbIXGgoYCAASFHB1Yi01NTQ1NDExMTY3MTAzMjI4&sigh=ypJBMdpnFi4&template_id=419

Requested by

Host: jiouniversities.com
URL: http://jiouniversities.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=2700280583&pi=t.aa~a.3149689873~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280&nras=5&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=4bPiFflYKR&p=http%3A//jiouniversities.com&dtd=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 07 Jun 2021 08:41:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame E912 17 KB
7 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=2700280583&pi=t.aa~a.3149689873~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280&nras=5&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=4bPiFflYKR&p=http%3A//jiouniversities.com&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
server: cafe
etag: 17954294202796946299
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 08:39:39 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame E912 2 KB
1 KB 32ms
10ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 08:39:55 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E912 122 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:28 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622806011323838"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Mon, 07 Jun 2021 08:41:28 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame E912 13 KB
6 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 08:39:51 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/ Frame 8FDC 11 KB
3 KB 26ms
9ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Requested by

Host: jiouniversities.com
URL: http://jiouniversities.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bef3142e3e8e977ab554f50a7dceed6dfda9b20703a7519faf43fc4944705df9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/16986808040249150219/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2990
date: Wed, 02 Jun 2021 02:20:51 GMT
expires: Thu, 02 Jun 2022 02:20:51 GMT
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 454837
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame D242 17 KB
7 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=600&adk=1895110894&adf=1563746040&pi=t.aa~a.1318218710~rp.4&w=281&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=281x600&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623055287447&bpp=3&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0&nras=2&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=1550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XxMy0aEF2R&p=http%3A//jiouniversities.com&dtd=13

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
server: cafe
etag: 17954294202796946299
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 08:39:39 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame D242 2 KB
1 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 08:39:55 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D242 122 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:28 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622806011323838"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Mon, 07 Jun 2021 08:41:28 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame D242 13 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 08:39:51 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D1DD 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=2700280583&pi=t.aa~a.3149689873~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280&nras=5&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=4bPiFflYKR&p=http%3A//jiouniversities.com&dtd=27
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkXO5I73eNm6rh9H_9JJ9pq_mMoXKRwJvyBFm_6v1NIVwwHXIvicE598eb0RXQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=2700280583&pi=t.aa~a.3149689873~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280&nras=5&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=4bPiFflYKR&p=http%3A//jiouniversities.com&dtd=27

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 07 Jun 2021 08:36:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 270
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E912 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31a8a4ebf083f62ad8452f51617c5320e2aadc0cddd173b3ff7f3cab66b72ee5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1491 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=600&adk=1895110894&adf=1563746040&pi=t.aa~a.1318218710~rp.4&w=281&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=281x600&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623055287447&bpp=3&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0&nras=2&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=1550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XxMy0aEF2R&p=http%3A//jiouniversities.com&dtd=13
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkXO5I73eNm6rh9H_9JJ9pq_mMoXKRwJvyBFm_6v1NIVwwHXIvicE598eb0RXQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=600&adk=1895110894&adf=1563746040&pi=t.aa~a.1318218710~rp.4&w=281&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=281x600&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623055287447&bpp=3&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0&nras=2&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=1550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XxMy0aEF2R&p=http%3A//jiouniversities.com&dtd=13

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 07 Jun 2021 08:36:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 270
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame E912 0
20 B 28ms
14ms Other
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLfv8o6QhfECFcXi7QodDMQMsA&gqi=t9u9YKr9Hcfxtweou4qIAw&layout=/sadbundle/%24csp%253Der3%24/8678984314660977005/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 08:41:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame D242 0
20 B 20ms
14ms Other
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO-C8o6QhfECFQLH7QodrvkM5Q&gqi=t9u9YOCQHZOPtwf1mIKQDA&layout=/sadbundle/%24csp%253Der3%24/16986808040249150219/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 08:41:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D242 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e9eaf1b54e77e506640fd0a32b8a908ff75201cd2899878af898d6f4edc300f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7FB8 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 04:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 08 Jun 2021 04:11:51 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7FB8 26 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 20:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 07 Jun 2021 20:37:24 GMT

GET
H3-29 200 bg_980x120.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/ Frame 7FB8 12 KB
12 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/bg_980x120.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07e3b2b92fc8de2a4726ca02d1260537d747e594e0c73239b4c20ae2a83fc950

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 385655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12171
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:07:47 GMT
server: sffe
date: Wed, 02 Jun 2021 21:33:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:33:53 GMT

GET
H3-29 200 sm_car.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/ Frame 7FB8 5 KB
5 KB 8ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/sm_car.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f52fcaad39fb61ed178796dcc4e97b42933cb23b4547cb8a46be18ad0f406057

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 385655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5248
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:07:47 GMT
server: sffe
date: Wed, 02 Jun 2021 21:33:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:33:53 GMT

GET
H3-29 200 gun_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/ Frame 7FB8 1 KB
1 KB 12ms
10ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/gun_2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebc0f207781486fc7dde23d81868a8d1107656031c87103e337abfee7ab50dbe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 385655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1371
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:07:47 GMT
server: sffe
date: Wed, 02 Jun 2021 21:33:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:33:53 GMT

GET
H3-29 200 exp.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/ Frame 7FB8 2 KB
2 KB 11ms
9ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/exp.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f05f8e01af4400f7e8ef47aaec6245ed6904b9552fee0f2448a80225adf1bc5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 385655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1715
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:07:47 GMT
server: sffe
date: Wed, 02 Jun 2021 21:33:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:33:53 GMT

GET
H3-29 200 gun_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/ Frame 7FB8 5 KB
5 KB 10ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/gun_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f535c47b77978bfb9f03aa2cfe9d9e4a17ae8a8eaf44b6464c54d44d66f43fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 385655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5410
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:07:47 GMT
server: sffe
date: Wed, 02 Jun 2021 21:33:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:33:53 GMT

GET
H3-29 200 car.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/ Frame 7FB8 56 KB
56 KB 16ms
15ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/car.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c74bb5c1458b133170c0151c5fafcf56f0fb2cf110f5fe17da942fd1074ba4fe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 385655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57481
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:07:47 GMT
server: sffe
date: Wed, 02 Jun 2021 21:33:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:33:53 GMT

GET
H3-29 200 logos.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/ Frame 7FB8 1 KB
1 KB 18ms
16ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/logos.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49aca7ccb818a50f7a6561a332134a44d47f868550e97eb6d25f57cc4755130d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 385655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:07:47 GMT
server: sffe
date: Wed, 02 Jun 2021 21:33:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:33:53 GMT

GET
H3-29 200 button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/ Frame 7FB8 7 KB
7 KB 16ms
14ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/button.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e498f3b097a3ec0d7bac08c85fb412497dd21cb14f0498f2c0df630042ee9cd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 385655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:07:47 GMT
server: sffe
date: Wed, 02 Jun 2021 21:33:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:33:53 GMT

GET
H3-29 200 new_veh.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/ Frame 7FB8 4 KB
4 KB 15ms
13ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/new_veh.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01e45a16046c93a2ef181433dba24e253cbdbe4910a3fa3b3ca197c50c9e68fc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 385655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3691
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:07:47 GMT
server: sffe
date: Wed, 02 Jun 2021 21:33:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:33:53 GMT

GET
H3-29 200 new_gun.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/ Frame 7FB8 3 KB
3 KB 14ms
13ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/new_gun.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3638bd6ab11bf9c873ee5f541ebc394314779480f0bb15b264bf68a54642b02

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 385655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3292
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:07:47 GMT
server: sffe
date: Wed, 02 Jun 2021 21:33:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:33:53 GMT

GET
H3-29 200 new_cha.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/ Frame 7FB8 5 KB
5 KB 13ms
12ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/new_cha.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8d43bec55c2b869d4be312e1107dd87eda62d2fe4ea33ac9f37b8e1271a8d8d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 385655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5270
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:07:47 GMT
server: sffe
date: Wed, 02 Jun 2021 21:33:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:33:53 GMT

GET
H3-29 200 XO.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/ Frame 7FB8 5 KB
5 KB 12ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/XO.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8678984314660977005/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80abef344a0bbe5285dfd4a48eee982f8ee404d1a7b62a90673ab7077570c1ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 385655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:07:47 GMT
server: sffe
date: Wed, 02 Jun 2021 21:33:53 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:33:53 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 8FDC 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 04:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 08 Jun 2021 04:11:51 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8FDC 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 20:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 07 Jun 2021 20:37:24 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8FDC 57 KB
23 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Jun 2021 08:41:28 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/ Frame 3B5E 160 KB
27 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Requested by

Host: jiouniversities.com
URL: http://jiouniversities.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e39592104ddbae1322296040070f96c180de3df022fc6eda041d7179bf792dd8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/11307366548342674156/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 02 Jun 2021 21:08:46 GMT
expires: Thu, 02 Jun 2022 21:08:46 GMT
last-modified: Sat, 17 Apr 2021 06:15:31 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 27623
age: 387162
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame FBA9 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2eQFt9u9YOudHtGOtwfesrvACpj6mrlNyam3grMImPD658UiEAEg4uXYJ2CVAqAB7c39mQPIAQmpAqWM0SGoabQ-qAMByANIqgS5AU_QFb55pMJSZCcOjXvzb0NezD1Z87-Xtoo8_iaq1OjadGSmnKaOIGKMGotp1Vv09WbIvEK1zR4JuNGqMVFl9ci7YrBwuGMpFize6JNFv9oXpPOWmApwtYLqhLFaQq-hLM_w9YdDILLNonYzN5eVcxrVMsNFHvO873i3LXNrfqt1PWcaFFbRi_VoTrqzhp45y8PTPULtaNfWL_Ha7oyTK794uLn92jGD3Igywz1H4PMzuL9E4YP6CLiRwAThkpuckwGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH7a-CZqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCN_AfSCAkIgOGAEBABGB-ACgHICwHYEwLQFQGAFwGyFxoKGAgAEhRwdWItNTU0NTQxMTE2NzEwMzIyOA&sigh=xSWpbq-bqqs&template_id=419

Requested by

Host: jiouniversities.com
URL: http://jiouniversities.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=280&adk=1386250298&adf=2707833621&pi=t.aa~a.3149782394~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x280&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=2&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280&nras=4&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=2299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=7iNzywtVt0&p=http%3A//jiouniversities.com&dtd=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 07 Jun 2021 08:41:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame FBA9 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=280&adk=1386250298&adf=2707833621&pi=t.aa~a.3149782394~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x280&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=2&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280&nras=4&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=2299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=7iNzywtVt0&p=http%3A//jiouniversities.com&dtd=24

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
server: cafe
etag: 17954294202796946299
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 08:39:39 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame FBA9 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 08:39:55 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FBA9 122 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:28 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622806011323838"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Mon, 07 Jun 2021 08:41:28 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame FBA9 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 08:39:51 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/ Frame D15B 11 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/index.html

Requested by

Host: jiouniversities.com
URL: http://jiouniversities.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c40f9242eb84003930b6d976089da3d4269c9438031dd86ee2a8bd2569b122f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4737822708935884168/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3304
date: Tue, 01 Jun 2021 19:12:49 GMT
expires: Wed, 01 Jun 2022 19:12:49 GMT
last-modified: Thu, 18 Mar 2021 14:51:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 480519
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7BA2 0
0 19ms
19ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLAkRt9u9YOnaHpTvtwf1npLIBsnZkPRhtIGNl7UN8Ob4kYsjEAEg4uXYJ2CVAqABhMG6jwPIAQmpAqWM0SGoabQ-qAMByANIqgS1AU_Qx0UAmc4SyB4DmEfHgoUXwPhgzytKq6A9CMp2xo2Zn8VRPICU002uzlwP3B8o1rEu0_p23OOLF64m4paTfnGW9VOv0bNE_K-bSEHqqtz9dV-GD8w_Q-vBgpZKXGZ2yhHLYNdWVQYpRHpE--rn9MhMbeqYVpbWIYeCo14zkfowzZaLK1BWMWHrl87ldu9pnPEcd8rU8YHkn2zaheIDMKQYznQeYZg9eDIvlZI8lkeKapnTaQbABLG1oKG7A5IFBAgEGAGSBQQIBRgEoAYugAfkvsVwqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEO2AEdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi01NTQ1NDExMTY3MTAzMjI4&sigh=c5gz4QTiRtM&template_id=419

Requested by

Host: jiouniversities.com
URL: http://jiouniversities.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=1035925911&pi=t.aa~a.3149687811~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280%2C794x90&nras=6&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=GqW16ngk9U&p=http%3A//jiouniversities.com&dtd=31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 07 Jun 2021 08:41:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame 7BA2 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=1035925911&pi=t.aa~a.3149687811~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280%2C794x90&nras=6&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=GqW16ngk9U&p=http%3A//jiouniversities.com&dtd=31

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
server: cafe
etag: 17954294202796946299
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 08:39:39 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 7BA2 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=1035925911&pi=t.aa~a.3149687811~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280%2C794x90&nras=6&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=GqW16ngk9U&p=http%3A//jiouniversities.com&dtd=31

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 08:39:55 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7BA2 122 KB
37 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=1035925911&pi=t.aa~a.3149687811~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280%2C794x90&nras=6&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=GqW16ngk9U&p=http%3A//jiouniversities.com&dtd=31

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:28 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622806011323838"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Mon, 07 Jun 2021 08:41:28 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 7BA2 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=1035925911&pi=t.aa~a.3149687811~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280%2C794x90&nras=6&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=GqW16ngk9U&p=http%3A//jiouniversities.com&dtd=31

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 08:39:51 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7BA2 0
0 14ms
13ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpQG8DyULNAc1fZ54oVvDSQn84-XjmbLUbmeMw_9WkWm1GiY5ZySwotmbS49RsNOeTLohssRwG0ROGt_vT6E5QscRTvg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=1035925911&pi=t.aa~a.3149687811~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280%2C794x90&nras=6&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=GqW16ngk9U&p=http%3A//jiouniversities.com&dtd=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CC47 143 B
163 B 10ms
9ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=280&adk=1386250298&adf=2707833621&pi=t.aa~a.3149782394~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x280&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=2&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280&nras=4&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=2299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=7iNzywtVt0&p=http%3A//jiouniversities.com&dtd=24
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkXO5I73eNm6rh9H_9JJ9pq_mMoXKRwJvyBFm_6v1NIVwwHXIvicE598eb0RXQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=280&adk=1386250298&adf=2707833621&pi=t.aa~a.3149782394~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x280&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=2&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280&nras=4&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=2299&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=7iNzywtVt0&p=http%3A//jiouniversities.com&dtd=24

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 07 Jun 2021 08:36:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 270
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 imagesuv0myt5eb1rnnbxsp1ds.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/ Frame 8FDC 989 B
1016 B 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/imagesuv0myt5eb1rnnbxsp1ds.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aca9b5b4cbfd4bc4c8c3f0e6b803f4f17e8e7c79c4166e33dd19363e793143c3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 457045
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 989
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
server: sffe
date: Wed, 02 Jun 2021 01:44:03 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 01:44:03 GMT

GET
H3-29 200 18b0007183d0bb7a5606546c7ff0290f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/ Frame 8FDC 116 KB
116 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/18b0007183d0bb7a5606546c7ff0290f.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16986808040249150219/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11511854996e430afe2570349b74301d0042353244ebb4a768d49274c2788a8f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 537034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119162
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:56:43 GMT
server: sffe
date: Tue, 01 Jun 2021 03:30:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 03:30:54 GMT

GET
DATA 200
OK truncated
/ Frame FBA9 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10cad6e095dd33e22c1268cc8a0d651329aed61636af54ab4a0d4a007e08bebd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame FBA9 0
20 B 14ms
14ms Other
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKvV8o6QhfECFVHH7QodXtkOqA&gqi=t9u9YKvjHYH7tgff1YKoCQ&layout=/sadbundle/%24csp%253Der3%24/11307366548342674156/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 08:41:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B811 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=1035925911&pi=t.aa~a.3149687811~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280%2C794x90&nras=6&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=GqW16ngk9U&p=http%3A//jiouniversities.com&dtd=31

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=1035925911&pi=t.aa~a.3149687811~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280%2C794x90&nras=6&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=GqW16ngk9U&p=http%3A//jiouniversities.com&dtd=31
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkXO5I73eNm6rh9H_9JJ9pq_mMoXKRwJvyBFm_6v1NIVwwHXIvicE598eb0RXQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=1035925911&pi=t.aa~a.3149687811~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280%2C794x90&nras=6&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=GqW16ngk9U&p=http%3A//jiouniversities.com&dtd=31

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 07 Jun 2021 08:36:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 270
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7BA2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ec611e9650d21726fdefe1b6b11e3000e0ec2f186e1fbe0d3244155e90c5c87

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 7BA2 0
20 B 14ms
14ms Other
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKmS846QhfECFZT37QoddY8EaQ&gqi=t9u9YIOdHpeXtwenyJPoAQ&layout=/sadbundle/%24csp%253Der3%24/4737822708935884168/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=1035925911&pi=t.aa~a.3149687811~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280%2C794x90&nras=6&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=GqW16ngk9U&p=http%3A//jiouniversities.com&dtd=31

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 08:41:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3B5E 9 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 04:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 08 Jun 2021 04:11:51 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3B5E 26 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 20:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 07 Jun 2021 20:37:24 GMT

GET
H3-29 200 bg_970x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/ Frame 3B5E 19 KB
19 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/bg_970x250.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4e5f439c70901aa2713a7e96b40c7ebab4ca06c5c3bc731f406f28baa29100

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19073
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:15:31 GMT
server: sffe
date: Wed, 02 Jun 2021 21:08:47 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:08:47 GMT

GET
H3-29 200 sm_car.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/ Frame 3B5E 5 KB
5 KB 7ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/sm_car.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f52fcaad39fb61ed178796dcc4e97b42933cb23b4547cb8a46be18ad0f406057

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5248
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:15:31 GMT
server: sffe
date: Wed, 02 Jun 2021 21:08:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:08:46 GMT

GET
H3-29 200 gun_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/ Frame 3B5E 1 KB
1 KB 12ms
10ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/gun_2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebc0f207781486fc7dde23d81868a8d1107656031c87103e337abfee7ab50dbe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1371
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:15:31 GMT
server: sffe
date: Wed, 02 Jun 2021 21:08:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:08:46 GMT

GET
H3-29 200 exp.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/ Frame 3B5E 2 KB
2 KB 11ms
9ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/exp.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f05f8e01af4400f7e8ef47aaec6245ed6904b9552fee0f2448a80225adf1bc5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1715
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:15:31 GMT
server: sffe
date: Wed, 02 Jun 2021 21:08:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:08:46 GMT

GET
H3-29 200 gun_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/ Frame 3B5E 5 KB
5 KB 17ms
15ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/gun_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f535c47b77978bfb9f03aa2cfe9d9e4a17ae8a8eaf44b6464c54d44d66f43fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5410
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:15:31 GMT
server: sffe
date: Wed, 02 Jun 2021 21:08:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:08:46 GMT

GET
H3-29 200 car.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/ Frame 3B5E 56 KB
56 KB 16ms
14ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/car.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c74bb5c1458b133170c0151c5fafcf56f0fb2cf110f5fe17da942fd1074ba4fe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57481
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:15:31 GMT
server: sffe
date: Wed, 02 Jun 2021 21:08:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:08:46 GMT

GET
H3-29 200 logos.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/ Frame 3B5E 1 KB
1 KB 15ms
13ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/logos.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49aca7ccb818a50f7a6561a332134a44d47f868550e97eb6d25f57cc4755130d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:15:31 GMT
server: sffe
date: Wed, 02 Jun 2021 21:08:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:08:47 GMT

GET
H3-29 200 button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/ Frame 3B5E 7 KB
7 KB 15ms
13ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/button.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e498f3b097a3ec0d7bac08c85fb412497dd21cb14f0498f2c0df630042ee9cd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:15:31 GMT
server: sffe
date: Wed, 02 Jun 2021 21:08:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:08:47 GMT

GET
H3-29 200 new_veh.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/ Frame 3B5E 4 KB
4 KB 14ms
12ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/new_veh.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01e45a16046c93a2ef181433dba24e253cbdbe4910a3fa3b3ca197c50c9e68fc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3691
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:15:31 GMT
server: sffe
date: Wed, 02 Jun 2021 21:08:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:08:47 GMT

GET
H3-29 200 new_gun.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/ Frame 3B5E 3 KB
3 KB 13ms
12ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/new_gun.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3638bd6ab11bf9c873ee5f541ebc394314779480f0bb15b264bf68a54642b02

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3292
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:15:31 GMT
server: sffe
date: Wed, 02 Jun 2021 21:08:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:08:46 GMT

GET
H3-29 200 new_cha.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/ Frame 3B5E 5 KB
5 KB 13ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/new_cha.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8d43bec55c2b869d4be312e1107dd87eda62d2fe4ea33ac9f37b8e1271a8d8d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5270
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:15:31 GMT
server: sffe
date: Wed, 02 Jun 2021 21:08:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:08:46 GMT

GET
H3-29 200 XO.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/ Frame 3B5E 5 KB
5 KB 12ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/XO.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11307366548342674156/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80abef344a0bbe5285dfd4a48eee982f8ee404d1a7b62a90673ab7077570c1ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:15:31 GMT
server: sffe
date: Wed, 02 Jun 2021 21:08:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 21:08:46 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D1DD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkXO5I73eNm6rh9H_9JJ9pq_mMoXKRwJvyBFm_6v1NIVwwHXIvicE598eb0RXQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 07 Jun 2021 08:41:28 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 07-Jun-2021 09:41:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Jun 2021 08:41:28 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 07 Jun 2021 08:41:28 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D242 0
17 B 17ms
16ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9Gxwt9u9YK_LHYKOtweu87OoDo2k8qRh7qqD3qsNs_n9q9sWEAEg4uXYJ2CVAqABo9awxAPIAQmpAqWM0SGoabQ-qAMByANIqgS7AU_Qm8tMzmqaJHAqW9JUcpsN8L1WtTHGDaaFyLLrku2rRs6VoZmuBdV4KdktZsDl2fO6LoLQc5_PMwxf-Ae-cM3ehQw-KdOOeeawVtr6gDL8mzTf8hZ0KlUN7oc8AzKKcLhZi1KGz5pNjPjTloxfGzzbAinjHaaROUoaG9iBB6gCHvquCbaAltF6GfoVwxkSYEdAibgoR9FCPOTA6x1mhNennq7pRb2CkE7wdNVspBSn5bYmva0PKP8XZGLABMfPtL6yApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfFqc87qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEIiLQNIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi01NTQ1NDExMTY3MTAzMjI4&sigh=vJcMWgJNDmI&template_id=419&cbvp=2&vis=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=600&adk=1895110894&adf=1563746040&pi=t.aa~a.1318218710~rp.4&w=281&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=281x600&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1623055287447&bpp=3&bdt=1632&idt=-M&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0&nras=2&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1108&ady=1550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XxMy0aEF2R&p=http%3A//jiouniversities.com&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 07 Jun 2021 08:41:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D15B 9 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 04:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 08 Jun 2021 04:11:51 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D15B 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 20:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 07 Jun 2021 20:37:24 GMT

GET
H3-29 200 43874a28c9f524bfe32a2bb6b0317ea1.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/ Frame D15B 71 KB
19 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/43874a28c9f524bfe32a2bb6b0317ea1.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05794528464aa37fa21787fd650e180fcedacac56084ca847efc986799fc3c9d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 460893
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19124
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 14:51:10 GMT
server: sffe
date: Wed, 02 Jun 2021 00:39:55 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:39:55 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1491
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
38ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkXO5I73eNm6rh9H_9JJ9pq_mMoXKRwJvyBFm_6v1NIVwwHXIvicE598eb0RXQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 07 Jun 2021 08:41:28 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 07-Jun-2021 09:41:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Jun 2021 08:41:28 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 07 Jun 2021 08:41:28 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame D15B 2 KB
642 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:800

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/43874a28c9f524bfe32a2bb6b0317ea1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf0ab1570dc0b75a46c44852bd697bc5857d50f8b51bc3b7ba51b0704cbf3ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 07:30:23 GMT
server: ESF
date: Mon, 07 Jun 2021 08:41:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Jun 2021 08:41:28 GMT

GET
H3-29 200 1570758f851f9f2c37ffae9f9e264f82.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/media/ Frame D15B 36 KB
36 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/media/1570758f851f9f2c37ffae9f9e264f82.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4158252b4a651d50fbdecdf83cd18e25da9732b1530cfac63a8bfac03f0009eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 467435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37025
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 14:51:10 GMT
server: sffe
date: Tue, 01 Jun 2021 22:50:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 22:50:53 GMT

GET
H3-29 200 f0350274aee3932c1a2e3483b9ce4362.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/media/ Frame D15B 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/media/f0350274aee3932c1a2e3483b9ce4362.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cb05d2bbf5dc76d3f1dae66e3601eb1a83adcfa4e56b28720f48f086e0cff86

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 447382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1965
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 14:51:10 GMT
server: sffe
date: Wed, 02 Jun 2021 04:25:06 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 04:25:06 GMT

GET
H3-29 200 7ebe4365536b463bac864bab845a3429.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/media/ Frame D15B 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/media/7ebe4365536b463bac864bab845a3429.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4737822708935884168/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26b2450db7ee22ad531a332111bc5eacfb0cce5fd15a5e77d5d2c4ea98647c5f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 453989
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2272
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 14:51:10 GMT
server: sffe
date: Wed, 02 Jun 2021 02:34:59 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:34:59 GMT

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7FB8 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 266068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 06:47:00 GMT

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FDC 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 266068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 06:47:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CC47
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

40ms
40ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkXO5I73eNm6rh9H_9JJ9pq_mMoXKRwJvyBFm_6v1NIVwwHXIvicE598eb0RXQ; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 07 Jun 2021 08:41:28 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 07-Jun-2021 09:41:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Jun 2021 08:41:28 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 07 Jun 2021 08:41:28 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B811
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

38ms
38ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5545411167103228&output=html&h=90&adk=2941947262&adf=1035925911&pi=t.aa~a.3149687811~rp.4&w=794&fwrn=4&fwrnh=100&lmt=1623055287&rafmt=1&to=qs&pwprc=6018645733&psa=0&format=794x90&url=http%3A%2F%2Fjiouniversities.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1623055287447&bpp=1&bdt=1632&idt=1&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18f568739a2b3cfb-226eedffc2c80077%3AT%3D1623055287%3ART%3D1623055287%3AS%3DALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw&prev_fmts=0x0%2C281x600%2C794x280%2C794x280%2C794x90&nras=6&correlator=627560498568&frm=20&pv=1&ga_vid=165849996.1623055287&ga_sid=1623055287&ga_hid=1796849881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=211&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C44740386%2C44744015&oid=3&pvsid=2229862595021017&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=GqW16ngk9U&p=http%3A//jiouniversities.com&dtd=31

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkXO5I73eNm6rh9H_9JJ9pq_mMoXKRwJvyBFm_6v1NIVwwHXIvicE598eb0RXQ; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 07 Jun 2021 08:41:28 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 07-Jun-2021 09:41:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Jun 2021 08:41:28 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 07 Jun 2021 08:41:28 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame D15B 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 22:05:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:56 GMT
server: sffe
age: 470187
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15188
x-xss-protection: 0
expires: Wed, 01 Jun 2022 22:05:01 GMT

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B5E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 266068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 06:47:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 18ms
18ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210601&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90c0d5cd56cff4773ea4f0c29bdf3fdda262b2bbbb12ac8c3ee864abb0a9615c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 08:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7642
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 08:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 07 Jun 2021 08:41:28 GMT

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame D15B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 266068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 06:47:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame AF21 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jiouniversities.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jiouniversities.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 07 Jun 2021 08:41:10 GMT
expires: Tue, 07 Jun 2022 08:41:10 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0847 783 B
531 B 15ms
15ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f7c4897f21fdf3cbb59feffddc70ded62a30aaea7c602096b7c3bc9e0d5e35f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1LGVAnEyMWnuwHxFtWMvKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://jiouniversities.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://jiouniversities.com/

Response headers

expires: Mon, 07 Jun 2021 08:41:28 GMT
date: Mon, 07 Jun 2021 08:41:28 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1LGVAnEyMWnuwHxFtWMvKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame AF21 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 266068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 06:47:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210601&jk=2229862595021017&bg=!a2ilaCzNAAY6sG-_OrA7ACkAdvg8WmFTL1vj7mt99spA_OAPU0e9EfY8A9Jv95VHUvwq1Jo3sUoyUwIAAABPUgAAAApoAQcKAKOYKZlYwnqzIvUMvXP5U6uX4xs2pAjJykk-71WXM0no1hVRZWF0eNVRsYREH0lmb21nER8I3_oF7XpNDyzIBxWVY5VZJLXxPExy1BLb7nxdSvoT8C0eD0HNWzVfrKJdkcDr4FlNwQzOPZmmxNXmXbr0W3x51sqmzlZsVP7wB0glp_ghUN916zcXUiBgrqtPgfVk-vexjItVKpDZVRMyUIgprawNmQI_IoTWTlw796xrNoVrfhIHaOG8gNE4rdKTrnhA4yYGrZvTCw2Q-XHdtfzL8_8jrUFg3gJPU8cvIVN0hBtdaBID-usnsHVeAZaiKFyJQ50sonvmrwaLf2oOwlI_AiMe10Du8uuyNjwWmo-UplVfrkDJqYT3XLGKCSGItaVtPVfuXy1U4cj0-T6YXqg2cezGwz34YJUxc4u82vtB7BtNad9jdw0p7QUYT9MExbq4sqPcUI2tNZ7IyhVcSR5Di6UPjWOZ9u3pFGPlaODnMU60rumM-6NQ-GpGx_t3zgI7Vr_RnwXlW4sPTSFKFW89GfrimtTXRfZUkCzRY49ePt2Fi3DYUJEHbAS0ivZjbZabhKODxtu3oteXWz2ufaUlhuhykEfJgv68Trt1sudmVlcWZ00ECCRsoveXoBv28MihwctWkM4SYLwlvC197_FBWo2vujIi_C05T82fdGCt6ekz6NPDu0UGHdB_4_0rDgizOumhAsY9x4gpRbk485Cf7dTBCeabdaA2smx_ge-1lFmomRD9NTY79UGIpQQySyDtohd0Y2ePPzU28BH--J5q1CA9GakdvssIMJSZ8ALBxmtG12-Nq9bEMX8c3lX0TnLbdpTa4RvlI-eGdl7O5QhTooBFOjzbYAiDfvHql2WrELWJlOtFIfq1cq9n_yop42bpoyTOAscU0erEwiVKkg7FpliMesbajrfcQiiySgNY7nCsi8w3CNU0Zqi51zrIBpBzXbo0WQCpQpitRSFcVI4uVrTZrlU

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://jiouniversities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 08:41:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:50:58	Name: DSID Value: NO_DATA
.jiouniversities.com/	1970-01-19 18:52:21	Name: _gid Value: GA1.2.2146745117.1623055287
.jiouniversities.com/	1970-01-20 04:12:31	Name: __gads Value: ID=18f568739a2b3cfb-226eedffc2c80077:T=1623055287:RT=1623055287:S=ALNI_MYughe9cLCUKuPCtPHJyyBTDtL0tw
.doubleclick.net/	1970-01-20 04:12:31	Name: IDE Value: AHWqTUkXO5I73eNm6rh9H_9JJ9pq_mMoXKRwJvyBFm_6v1NIVwwHXIvicE598eb0RXQ
.jiouniversities.com/	1970-01-19 18:50:55	Name: _gat_gtag_UA_175901463_1 Value: 1
.jiouniversities.com/	1970-01-20 12:22:07	Name: _ga Value: GA1.2.165849996.1623055287

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jiouniversities.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
142.250.181.226
199.188.206.8
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:831::2006
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
01e45a16046c93a2ef181433dba24e253cbdbe4910a3fa3b3ca197c50c9e68fc
05794528464aa37fa21787fd650e180fcedacac56084ca847efc986799fc3c9d
07e3b2b92fc8de2a4726ca02d1260537d747e594e0c73239b4c20ae2a83fc950
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
0c0131864b6bd44838080829f6ff10603a50186025be77a3de0232fc5e6c58e7
0d5f76008f1784b20b99d51741b2f8b8bbee28d5f2950ca2cf4226b6d61b1344
0e498f3b097a3ec0d7bac08c85fb412497dd21cb14f0498f2c0df630042ee9cd
0e9eaf1b54e77e506640fd0a32b8a908ff75201cd2899878af898d6f4edc300f
10cad6e095dd33e22c1268cc8a0d651329aed61636af54ab4a0d4a007e08bebd
11511854996e430afe2570349b74301d0042353244ebb4a768d49274c2788a8f
128ead405d194dd8c22eea05fa0457a690c40e33ef4b30191b56a000f4e3532a
17e290f351cb47897e866fad434a109402fa8de75b3dc50bfc46edd0368f6974
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
223f3f6dbcb6129bb4e3c692f19c556bb45137f605303ce00cb52760491e346c
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
26b2450db7ee22ad531a332111bc5eacfb0cce5fd15a5e77d5d2c4ea98647c5f
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
2cb05d2bbf5dc76d3f1dae66e3601eb1a83adcfa4e56b28720f48f086e0cff86
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d1d5dae3f158cfc4b799414b170189e823fd3e49046eee1d3d7fcdc3485105f
2f05f8e01af4400f7e8ef47aaec6245ed6904b9552fee0f2448a80225adf1bc5
31a8a4ebf083f62ad8452f51617c5320e2aadc0cddd173b3ff7f3cab66b72ee5
32b5465fe9062f0030bfa921880796c97068beea1d80d87c274af041a6297255
34a5f436d9e51eb9a5e55c65f833d4abac3379c411e1a6acce8406a144f46cc3
368c561c855a936f62076f0c9ce7ee545e74fd42b5a4752247fd88cc6a518cc5
3c4c97817d4302d8e95fb2a3614ecf9fcd386df66d75ec1f04b7ed1fa7164d22
3e4e5f439c70901aa2713a7e96b40c7ebab4ca06c5c3bc731f406f28baa29100
4158252b4a651d50fbdecdf83cd18e25da9732b1530cfac63a8bfac03f0009eb
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
49aca7ccb818a50f7a6561a332134a44d47f868550e97eb6d25f57cc4755130d
519d9025f3921b7b340cd63adf861797fd5155f5115c5a812f343a8c8f6e4edf
53f24292a3fd54889277e9517a5cfd275fc1f2c288fd0adfdfbe63d4131570d5
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
63575c6a5eabb505cb7b1a20316049c6c02733dff339820476366be7380de3a0
66946e3c3ccf3e4609c7da3449aeb3fe9694c330678d98e1d8ea6651dd10dcb9
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68ad76102e5c0aab5e12aca2651f9cf4d7a5ca4869de88810245b1e7f4ae24b6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971
72a1c3d3f413cec7de06d02f29045f39459fbd29555bc674e53917c8576f491c
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
763186aaf7c3ba15f0e9187ef50379c4a6260973f93f29cfced357e3730e8c01
7b106f2c26ae05f297d2f827ded52f95464b450c3389d68cc38a534ab39d9190
7ef28258152c9b2b7516e39198481bb5d098d274c91a2987600e3ed220f20b7c
80abef344a0bbe5285dfd4a48eee982f8ee404d1a7b62a90673ab7077570c1ec
841466a65bbf79de1ef65cf9b8039a06047d83a54ea7d88a8d9557e372f9fba2
8b0f6c059cb2f4a52a73c333bc86f5996c9f9e5eea0d07f5f96f2901e7846658
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8ec611e9650d21726fdefe1b6b11e3000e0ec2f186e1fbe0d3244155e90c5c87
8f535c47b77978bfb9f03aa2cfe9d9e4a17ae8a8eaf44b6464c54d44d66f43fb
90c0d5cd56cff4773ea4f0c29bdf3fdda262b2bbbb12ac8c3ee864abb0a9615c
a3638bd6ab11bf9c873ee5f541ebc394314779480f0bb15b264bf68a54642b02
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aca9b5b4cbfd4bc4c8c3f0e6b803f4f17e8e7c79c4166e33dd19363e793143c3
b8d43bec55c2b869d4be312e1107dd87eda62d2fe4ea33ac9f37b8e1271a8d8d
bca58cb91d0442fbc4394a6675603165ecaa067a92f4f6e115e34dfa2833a37a
bd2317f75582f7f94823a6289701498ee4c75d51ce502c09fd4663de07f3dda4
bef3142e3e8e977ab554f50a7dceed6dfda9b20703a7519faf43fc4944705df9
bf0ab1570dc0b75a46c44852bd697bc5857d50f8b51bc3b7ba51b0704cbf3ad4
c40f9242eb84003930b6d976089da3d4269c9438031dd86ee2a8bd2569b122f7
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c72d718cb6beac8f86b383f5f51eff73afb4c625cb4dfb14d1ca229ac57a2275
c74bb5c1458b133170c0151c5fafcf56f0fb2cf110f5fe17da942fd1074ba4fe
cd28633fdb2cc9dde877ea054ac78b7663db3df17752eea49b8dffbfd72551e3
cdfefc4b466698197ea2a8ad22b9708c6b1acdeb37a68a673e272b278b92f56c
d35c809bcd9170b889f996ca93908d12502201718a5c13cf63eecdc5232f1e2d
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7ed7183bdb885657910d79795821a5026e26d6acb82f69e5004445902029983
d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f
e1a4337abd0117172da8d9b293f6ae9a1e6f4b0d8a67d7a1c59fcab1dba88dff
e39592104ddbae1322296040070f96c180de3df022fc6eda041d7179bf792dd8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
ebbeed59eb5779b87b237c475f6b4edd7fbb10e0778f7778fe1f9444dac648fa
ebc0f207781486fc7dde23d81868a8d1107656031c87103e337abfee7ab50dbe
f0a96d430a906fc76a10e24e105f89b22cf047e1deebcfad3b46bf00c454e43b
f52fcaad39fb61ed178796dcc4e97b42933cb23b4547cb8a46be18ad0f406057
f6f598b37c9efb9b0c52d70e0579b2f66938464e0cfe42fa77cc879420796467
f7c4897f21fdf3cbb59feffddc70ded62a30aaea7c602096b7c3bc9e0d5e35f2
f80bb012b20788fc0502ddf8e610b2cb86f9f0d6aa57311114ff098881d5cbfd

jiouniversities.com Open in urlscan Pro 199.188.206.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

132 Requests

80 %HTTPS

85 %IPv6

12 Domains

14 Subdomains

14 IPs

2 Countries

2414 kBTransfer

4222 kBSize

6 Cookies

2 Outgoing links

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jiouniversities.com Open in urlscan Pro
199.188.206.8 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

80 %
HTTPS

85 %
IPv6

12
Domains

14
Subdomains

14
IPs

2
Countries

2414 kB
Transfer

4222 kB
Size

6
Cookies

132 HTTP transactions
5 data transactions